Vault not found in the subscription error occurs randomly azure devops pipeline

mandar Jogalekar 36 Reputation points
2022-03-05T07:38:19.34+00:00

I am updating key vault access policies from azure devops yaml pipeline. below is the standard code.

       - task: AzureCLI@2
        displayName: "Set KeyVault access policy for Web App"
        inputs:
          azureSubscription: "$(serviceConnection1)"
          scriptType: bash
          scriptLocation: inlineScript
          inlineScript: |
            az keyvault set-policy -n '$(KeyVaultName)' --secret-permissions get list --object-id '$(appId)'

The task succeeds but also fails lot of times with an error

"vault not found in the subscription" . The service principle has contributor rights to the keyvault.

Network of keyvault is set to "All Networks" ,hence no firewall rules.

I am pretty certain, there is no technical error here, but the task fails quite a lot of times with this error. Any help would be great.

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,149 questions
{count} vote

1 answer

Sort by: Most helpful
  1. Siva-kumar-selvaraj 15,571 Reputation points
    2022-03-07T09:14:12.77+00:00

    Hello @mandar Jogalekar ,

    Thanks for reaching out.

    Ideally, we receive the message The Vault '$KeyVaultName' not found within subscription when the supplied name does not match a vault that is available in Azure, thus we would recommend that you use the --debug' parameter in combination with the above cmdlet which provides more insight from key aspects. Also, if feasible, could you supply the keyvault name directly in the cmdlet rather than using a variable? also also curious if the '$(KeyVaultName)' variable has any whitespace at the start or end of KeyVaultName.

    az keyvault set-policy -n '{TypeKeyVaultName}' --secret-permissions get list --object-id '$(appId)' --debug

    Here are some troubleshooting guidance on Azure CLI task within pipeline. If none of this works, then would recommend you to contact azure support as this requires a deeper investigation. Thank you for your cooperation on this matter

    -----
    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments No comments